(b) All the claims are believed to be directed to a single invention. If the 
Office determines that all the claims presented are not obviously directed to a single 
invention, then Applicants will make an election without traverse as a prerequisite to the 
grant of special status. 

(c) Pre-examination searches were made of U.S. issued patents, including 
a classification search, a computer database search, and a keyword search. The searches were 
performed on or around April 30, 2004. The classification search covered Classes 709 
(subclass 220) and 713 (subclasses 165, 168, and 200), and was conducted by a professional 
search firm, Kramer & Amado, P.C. The computer database search was conducted on the 
USPTO systems EAST and WEST. The keyword search was conducted in Classes 709 
(subclasses 223 and 232) and 713 (subclasses 193 and 201). 

(d) The following references, copies of which are attached herewith, are 
deemed most closely related to the subject matter encompassed by the claims: 

(1) U.S. Patent Application No. 2001/0025346 A1; 

(2) U.S. Patent Application No. 2003/0126441 A1; 

(3) U.S. Patent Application No. 2002/0157016 A1; 

(4) U.S. Patent No. 6,453,418 B1; 

(5) International Patent Publication No. WO 03/029940 A2. 

(e) Set forth below is a detailed discussion of the references which points out 
with particularity how the claimed subject matter is distinguishable over the references. 

A. Claimed Embodiments of the Present Invention 

The claimed embodiments relate to a method and system for updating security 
information which is stored in a storage device of a server that is managed by a client. The 
client is a "diskless client" that does not include a local disk device. The security information 
in the storage device of the server is updated by a management computer connected to the 
server. One benefit is that the security information can be updated even when the operation 
of the client is halted. 

Independent claim 1 recites a method for updating information on security, in 
which a client is connected with a server through a network. The server includes a storage 
device that is managed by the client. The storage device stores security information. The 
method comprises updating the security information stored in the storage device that the 
client manages in the server. 

Independent claim 8 recites a client connected to a server through a network. 
The server includes a storage device. The client comprises a unit managing the storage in the 
server. The storage device stores security information. The security information is updated 
without operation of the client. The client further comprises a unit referencing the security 
information. 

Independent claim 14 recites a server connected to a client through a network. 
The server comprises a unit communicating with the client through the network; and a 
storage device that is managed by the client. The storage device stores security information 
to be updated. 

Independent claim 21 recites a management computer connected through a 
network to a server. The server includes a storage device that is managed by a client. The 
storage device stores security information of the client. The management computer 
comprises a unit communicating with the server through the network; and a unit updating the 
security information of the client. 

B. Discussion of the References 

1. U.S. Patent Application No. 2001/0025346 A1 

This reference discloses security management and audit of a business 
information system in accordance with an information security policy. The security 
management system for controlling the security status of each of a plurality of managed 
systems includes a plurality of management sections corresponding to at least one managed 
system and the information security policy. Each management section controls the security 
status of the managed system corresponding thereto so as to adjust the security status to the 
information security policy corresponding thereto. A database 133 is provided for registering 
a correspondence of the information security policy. The management and audit program 
corresponding to a range of the information security policy and the object system, which are 
designated by an operator, is retrieved and automatically executed. The management and 
audit program performs a management and audit concerning an information security policy of 
an object system corresponding to itself. As shown in Fig. 1, an information security policy 
management and audit support apparatus 31 and management and audit object computers 32 
are connected to each other through a network 33. 

The reference is directed to a security management system for controlling the 
security status of each of a plurality of managed systems. The reference does not disclose 
updating security information stored in the storage device of a server that is managed by a 
client. Nor does it disclose a diskless client or a management computer that updates the 
security information. 

2. U.S. Patent Application No. 2003/0126441 A1 

This reference discloses a single authentication for a plurality of services in a 
computing environment. When a first service of a plurality of related services is accessed, 
the user requesting access is provided with a security token that can be used by the user to 
access any one of the plurality of services on subsequent accesses. The user only needs to 
provide its authentication information once to access any number of related services. This 
eliminates the need for multiple log-ins for multiple uses of a plurality of services, thereby 
increasing speed and efficiency and reducing time and effort. In the embodiment shown, the 
user inputs the authentication information for transmission to the server 204 which, in 
response, verifies the information for the client 202. The session manager 236 of the server 
204 evaluates whether the authentication is successful. If so, the session manager 236 
establishes a session 232 and generates a security token for transmission to the client 202. 
The client 202 receives the security token for maintenance and subsequent use. 

The reference is directed to a single authentication for a plurality of services. 
The reference does not disclose updating security information stored in the storage device of 
a server that is managed by a client. Nor does it disclose a diskless client or a management 
computer that updates the security information. 

3. U.S. Patent Application No. 2002/0157016 A1 

This reference discloses a method and apparatus for data security for a 
distributed file system. Fig. 1 shows the interaction between client applications 108a, 108b 
and the distributed file system in opening files named "foo" and "bar." The client application 
108a uses the distribution file system interface 104a to open foo. The open file request is 
transmitted to the meta-data server 102, which generates an encryption key. The security 
object, along with the open file request, is transmitted to the storage server 106 as shown by 
the ellipse 124. The security object includes a file identifier, encryption key, and a 
permission code that is associated with the client application. The security key is passed 
between components because the keys are created collaboratively, and the components will 
use them to decrypt the information. A block storage server 106 receives the security object 
and generates a list of blocks in the referenced file. The block list generally includes enough 
information for the block server to locate the data in subsequent requests from the client 
application, and the specific information is implementation dependent. The block list is then 
encrypted using the encryption key in the security object and is stored in the security object, 
and the updated security object is returned to the meta-data server 102, as shown in the 
ellipse 126. The meta-data server 102 returns the security object to the distributed file system 
interface 104a as shown by the ellipse 128. The distributed file system interface 104a returns 
a status code to the client application 108a. See [0024]-[0025]. 

The reference relates to data security provided in a distributed file system to 
avoid enforcing security at the file level. The reference does not teach updating security 
information stored in the storage device of a server that is managed by a client. Nor does it 
teach a diskless client or a management computer that updates the security information. 

4. U.S. Patent No. 6,453,418 B1 

This reference discloses an information accessing method that permits the user 
data belonging to a client-server system 100 to be accessed by a user belonging to another 
client-server system 500 under proper security, and that controls the permission for accessing 
the user data according to the security ranks of the user whose data is to be accessed and the 
user who wants to access the data. When a client unit 20 issues a request for accessing the 
user data of the user belonging to the other client-server system, the request for access is sent 
to an ID conversion unit 15 through a user ID management unit 12. The ID conversion unit 
operates to convert a user ID into a guest ID by referring to an ID conversion table 440, and 
then sends the request for access to a user ID management unit 52. The user ID management 
unit makes sure that the guest ID is registered by referring to the user ID table. The request 
for access is sent to the user data management unit through security check units, so that the 
whole or the open portion of the user data specified on the user data is allowed to be accessed. 
See column 5, line 35 to column 6, line 27. 
The reference relates to the use of ID conversion and ID management to 
provide access by a user of one client-server system to data in another client-server system. 
The reference fails to disclose updating security information stored in the storage device of a 
server that is managed by a client. It also fails to disclose a diskless client and a management 
computer that updates the security information. 

5. International Patent Publication No. WO 03/029940 A2 

This reference discloses a master policy server 101 that manages security 
policies for client computers 115-117, 119-121, 123-125 through a network of local policy 
servers 103 (managing clients 115-117), 105 (managing clients 119-121), 107 (managing 
clients 123-125). Each local policy server is responsible for the security policies on a group 
of clients and maintains a data store containing the security policies and security information 
pertaining to the client. Periodically, the master policy server and the local policy server 
synchronize, at which time the master policy server replicates updated policies to the local 
policy servers and the local policy servers upload client security statistics to the master policy 
server for consolidation into a global status. A local policy server may also request an 
updated security policy outside of the synchronization time frame. Similarly, the master 
policy server may request the client statistics from a local policy server outside of the 
synchronization time frame. 

The reference relates to a master policy server that manages security policies 
through a network of local policy servers via periodic updates. The reference does not teach 
updating security information stored in the storage device of a server that is managed by a 
client. Nor does it teach a diskless client or a management computer that updates the security 
information. 
(f) In view of this petition, the Examiner is respectfully requested to issue 
a first Office Action at an early date. 



Respectfully submitted, 

Chun-Pok Leung 
Reg. No. 41,405 

TOWNSEND and TOWNSEND and CREW LLP 

Two Embarcadero Center, 8th Floor 

San Francisco, California 94111-3834 

Tel: 650-326-2400 

Fax: 415-576-0300 

Attachments 

RL:rl 

60227748 v1 
(57) Abstract: A master policy server manages security policies for client computers through a network of local policy servers. Each 
local policy server is responsible for the security policies on a group of clients and maintains a data store containing the security 
policies and security information pertaining to the clients. Periodically, the master policy server and the local policy server synchro-
nize, at which time the master policy server replicates updated policies to the local policy servers and the policy servers upload client 
MASTER SECURITY POLICY SERVER 

FIELD OF THE INVENTION 

This invention relates generally to computer security, and more particularly to 
managing security policies through a centralized server. 

COPYRIGHT NOTICE/PERMISSION 
A portion of the disclosure of this patent document contains material which is 
subject to copyright protection. The copyright owner has no objection to the facsimile 
reproduction by anyone of the patent document or the patent disclosure as it appears in 
the Patent and Trademark Office patent file or records, but otherwise reserves all 
copyright rights whatsoever. The following notice applies to the software and data as 
described below and in the drawings hereto: Copyright © 2001, Networks Associates 
Technology, Inc., All Rights Reserved. 

BACKGROUND OF THE INVENTION 
Organizations often manage their computer security policies from a central 
location, typically employing a single computer server to manage the security policies on 
networked user (client) computers. The clients poll the server several times a day to 
check for, and optionally download, updated security policies and to upload their status 
to the server. Assuming a client and the server exchange a large amount of data several 
times a day, the data traffic between the server and even a small number of clients can cause 
significant degradation for overall network communications. 

SUMMARY OF THE INVENTION 
A master policy server manages security policies for client computers through a 
network of local policy servers. Each local policy server is responsible for the security 
policies on a group of clients and maintains a data store containing the security policies 
and security information pertaining to the clients. Periodically, the master policy server 
and the local policy server synchronize, at which time the master policy server replicates 
updated policies to the local policy servers and the local policy servers upload client 
security statistics to the master policy server for consolidation into a global status. A 
local policy server may also request an updated security policy outside of the 
synchronization timeframe. Similarly, the master policy server may also request the 
client statistics from a local policy server outside of the synchronization timeframe. 

Because the local policy servers consolidate the statistics from the clients prior to 
uploading it to the master policy server, the amount of data flowing through the network 
to the master policy server is greatly reduced. Similarly, because the master policy server 
replicates the security policies to a few local policy servers instead of to each client, the 
amount of data flowing through the network from the master policy server is also 
reduced. 

The present invention describes systems, clients, servers, methods, and computer-
readable media of varying scope. In addition to the aspects and advantages of the present 
invention described in this summary, further aspects and advantages of the invention will 
become apparent by reference to the drawings and by reading the detailed description that 
follows. 

BRIEF DESCRIPTION OF THE DRAWINGS 
Figure 1 is a diagram illustrating a system-level overview of an embodiment of 
the invention; 

Figure 2A is a flowchart of a method to be performed by a master server 
according to an embodiment of the invention; 

Figure 2B is a flowchart of a method to be performed by a local server operating 
in conjunction with the master server of Figure 2A; 

Figure 3A is a diagram of one embodiment of an operating environment suitable 
for practicing the present invention; and 

Figure 3B is a diagram of one embodiment of a computer system suitable for use 
in the operating environment of Figure 3A. 
DETAILED DESCRIPTION OF THE INVENTION 
In the following detailed description of embodiments of the invention, reference 
is made to the accompanying drawings in which like references indicate similar elements, 
and in which is shown by way of illustration specific embodiments in which the 
invention may be practiced. These embodiments are described in sufficient detail to 
enable those skilled in the art to practice the invention, and it is to be understood that 
other embodiments may be utilized and that logical, mechanical, electrical, functional, 
and other changes may be made without departing from the scope of the present 
invention. The following detailed description is, therefore, not to be taken in a limiting 
sense, and the scope of the present invention is defined only by the appended claims. 

A system level overview of the operation of an embodiment of the invention is 
described by reference to Figure 1, which illustrates a security policy distribution system 
100. The system 100 utilizes a master policy server 101 to manage security policies on 
client (user) computers through a network 129 of local policy servers A 103, B 105 and C 
107. For example, local policy server A 103 manages client A-1 115 through client A-N 
117, while local policy server B 105 manages client B-1 119 through B-N 121. Although 
the clients are represented as individual systems in Figure 1, it will be appreciated that 
they may be grouped together by hardware and software platform type, domain name, site 
location, or physical or logical region. 

Each local policy server has a local data store 109, 111, 113 that contains the 
security policies and security information collected from the client computers it manages. 
Each type of hardware and software platform acting as a client computer may be 
associated with an exemplary security policy or may share exemplary security policies 
with other platforms. The security policy may contain configuration parameters for anti-
virus programs, firewalls, and other security software that protect a client computer from 
compromise by a third-party. 

Communication between the local policy servers 103, 105, 107 and the master 
policy server 101 through network 129 is intermittent. Each local policy server 103, 105, 
107 is responsible for periodically querying the master policy server 101 to determine if 
the security policies applicable to its clients have changed. The local policy servers also 
periodically, or upon request, send client security statistics derived from the security 
information on local data stores 109, 111, 113 to the master policy server 101, which acts 
as a consolidation point for status information regarding the overall 
system 100. The statistics from the local policy servers are stored in a global data store 
127. When a global status for the system 100 is requested, the master policy server 101 
derives the status from the statistics in the global data store 127 and, optionally, from 
additional statistics obtained from the local policy servers. More detailed status 
information for particular clients or groups of clients is obtained from the appropriate 
local policy server. 

In one embodiment, the master policy server 101 and the local policy servers 103, 
105, 107 synchronize security policies and statistics at times when less data traffic is 
generally experienced on the network 129. When the local policy servers are physically 
located in different time zones, the synchronization may occur at several points during a 
twenty-four hour period. In an alternate embodiment, the local policy servers can 
schedule checks for updated policies in addition to the synchronization process. 
Furthermore, it will be appreciated that the synchronization at a local policy server may 
happen more than once a day. The network 129 connecting the master policy server and 
the local policy servers is secured using any of several well-known secure transmission 
protocols when the security policies are being uploaded to the master policy server 101 or 
replicated to the local policy servers 103, 105, 107. Otherwise, no particular network 
transmission protocols are required in the system 100. 

When the system 100 is installed, the system administrator may create the initial 
security policies at one of the local policy servers 103, 105, 107 for transfer to the master 
policy server 101 and subsequent replication to the other local policy servers, or directly 
at the master policy server 101. Similarly, updates to the security policies may be 
performed at a local policy server or at the master policy server. In one embodiment, the 
master policy server 101 maintains global level security policy configurations and the 
local policy servers 103, 105, 107 derive their local level configuration and set-up 
policies for their clients from the global level configurations. 

The number of local policy servers is dependent upon the number of clients at 
each site and the physical locations of the sites. Because the master policy server 101 
only sends and receives data from the local policy servers 103, 105, 107 instead of each 
of the clients, a single master policy server and common TCP/IP wide-area networks are 
generally able to handle the amount of data being transferred in the system 100. 
Alternate embodiments in which additional levels of servers are incorporated between 
the local policy servers 103, 105, 107 and the master policy server 101 are also 
contemplated and are considered within the scope of the invention. 

The operations of an embodiment of a security policy distribution system 100 
have been described in terms of a single master policy server and three local policy 
servers as illustrated in Figure 1, but the invention is not so limited. Next, the particular 
methods of the invention that perform the operations for the system 100 are described in 
terms of computer software with reference to a series of flowcharts. The methods to be 
performed by a computer constitute computer programs made up of computer-executable 
instructions illustrated as blocks (acts). Describing the methods by reference to a 
flowchart enables one skilled in the art to develop such programs including such 
instructions to carry out the methods on suitably configured computers (the processing 
unit of the computer executing the instructions from computer-readable media). The 
computer-executable instructions may be written in a computer programming language or 
may be embodied in firmware logic. If written in a programming language conforming 
to a recognized standard, such instructions can be executed on a variety of hardware 
platforms and for interface to a variety of operating systems. In addition, the present 
invention is not described with reference to any particular programming language. It will 
be appreciated that a variety of programming languages may be used to implement the 
teachings of the invention as described herein. Furthermore, it is common in the art to 
speak of software, in one form or another (e.g., program, procedure, process, application, 
module, logic...), as taking an action or causing a result. Such expressions are merely a 
shorthand way of saying that execution of the software by a computer causes the 
processor of the computer to perform an action or produce a result. 

Referring first to Figure 2A, the acts to be performed by a computer executing a 
master server method 200 to perform the operations described for the master policy 
server 101 in Figure 1 are shown. The master server method 200 is invoked by one or 
more of a series of predetermined events. If a new policy has been created, either at the 
master policy server 101 or at one of the local policy servers 103, 105, 107 (block 201), 
the master server method 200 obtains and stores the security policy at block 203. If the 
master server method 200 receives a request for a new policy from a local policy server 
(block 205), the master server method 200 replicates the policy to the requestor at block 
207. It will be appreciated that the master policy server will replicate those policies 
which are requested by the local policy server, i.e., those policies particular to the client 
platforms which the local policy server is managing. If the master server method 200 
receives a request for system status (block 209), the master server method 200 
determines if the request is for historical or current status (block 213). If the report is for 
current status, the master server method 200 obtains the current statistics from the local 
servers at block 215. The appropriate status is returned to the requester at block 217. 
Otherwise, the event that invoked the master server method 200 is a scheduled 
synchronization event and the master server method 200 synchronizes security policies 
and statistics with the appropriate local policy servers at block 211. 

A local server method 230 is illustrated in Figure 2B that performs the operations 
previously described for the local policy servers 103, 105, 107 in Figure 1. As with the 
master server method 200, the local server method 230 is invoked by one or more of a 
predetermined sequence of events. If a new policy has been configured on the local 
policy server (block 231), the local server method 230 sends the new policy to the master 
policy server at block 233 for replication to the other local policy servers. If the event is 
a scheduled check for the availability of new policies (block 235), the local server 
method 230 requests appropriate new policies from the master policy server at block 237 
and receives and applies any new policies at block 239. If the local server method 230 
receives a request for current status from the master server method 200 (block 241), it 
sends its current statistics to the master policy server at block 243. Otherwise, the event is 
a scheduled synchronization event and the local server method 230 synchronizes with the 
master policy server at block 245, sending statistics from the local data store to the 
master policy server and receiving any updates to the security policies. 
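The master server method 200 and local server method 230 just described, together with the synchronization and statistics consolidation that the petition summarizes for this reference under B.5, can be modelled directly. The following Python is an added example written for this page; it is not code from the patent or from Networks Associates. The class names, the `Policy` record, the statistics fields (`scanned`, `infected`), the two platform types and the sample clients are all constructed assumptions, and the event dispatch of the flowcharts is replaced by ordinary method calls, each commented with the block it stands in for.

```python
import json
from collections import namedtuple

# A security policy for one client platform type (constructed shape, not the patent's).
Policy = namedtuple("Policy", "name platform version settings")


class MasterPolicyServer:
    # Master policy server 101: global policy configuration plus global data store 127.
    def __init__(self):
        self.policies = {}       # policy name -> Policy
        self.global_store = {}   # local server name -> consolidated statistics
        self.local_servers = []

    def receive_new_policy(self, policy):
        # Blocks 201/203: store a policy created anywhere, keeping the newest version.
        current = self.policies.get(policy.name)
        if current is None or policy.version > current.version:
            self.policies[policy.name] = policy

    def replicate(self, platforms, have):
        # Blocks 205/207: only policies for the requester's client platforms, and only
        # versions newer than the ones it reports already holding.
        return [p for p in self.policies.values()
                if p.platform in platforms and have.get(p.name, -1) < p.version]

    def system_status(self, current=False):
        # Blocks 209-217: historical status comes from the global data store; current
        # status first pulls fresh statistics from every local server (block 215).
        if current:
            for local in self.local_servers:
                self.global_store[local.name] = local.current_statistics()
        totals = {"clients": 0, "scanned": 0, "infected": 0}
        for stats in self.global_store.values():
            for key in totals:
                totals[key] += stats[key]
        return totals

    def synchronize(self):
        # Block 211: scheduled synchronization with every local policy server.
        return {local.name: local.synchronize() for local in self.local_servers}


class LocalPolicyServer:
    # Local policy server 103/105/107 with its local data store 109/111/113.
    def __init__(self, name, platforms, master):
        self.name = name
        self.platforms = set(platforms)   # client platform types this server manages
        self.policies = {}
        self.client_status = {}           # client id -> raw security information
        self.master = master
        master.local_servers.append(self)

    def configure_policy(self, policy):
        # Blocks 231/233: a locally created policy goes to the master for replication.
        self.policies[policy.name] = policy
        self.master.receive_new_policy(policy)

    def current_statistics(self):
        # Block 243: consolidate per-client information into one summary record.
        return {"server": self.name, "clients": len(self.client_status),
                "scanned": sum(s["scanned"] for s in self.client_status.values()),
                "infected": sum(s["infected"] for s in self.client_status.values())}

    def check_for_updates(self):
        # Blocks 235-239: request policies applicable to our platforms and apply them.
        have = {name: p.version for name, p in self.policies.items()}
        new_policies = self.master.replicate(self.platforms, have)
        for p in new_policies:
            self.policies[p.name] = p
        return sorted(p.name for p in new_policies)

    def synchronize(self):
        # Block 245: upload consolidated statistics, then pick up policy updates.
        self.master.global_store[self.name] = self.current_statistics()
        return self.check_for_updates()


def bytes_uploaded(local_servers):
    # Upload volume if each client reported to the master directly vs. consolidated.
    direct = sum(len(json.dumps(s)) for l in local_servers for s in l.client_status.values())
    consolidated = sum(len(json.dumps(l.current_statistics())) for l in local_servers)
    return direct, consolidated


def build_demo():
    # Constructed sample system: one master, two local servers, ten clients.
    master = MasterPolicyServer()
    local_a = LocalPolicyServer("A", ["windows"], master)
    local_b = LocalPolicyServer("B", ["linux"], master)
    local_a.configure_policy(Policy("av-windows", "windows", 1, {"realtime_scan": True}))
    master.receive_new_policy(Policy("fw-linux", "linux", 1, {"inbound": "deny"}))
    for i in range(6):
        local_a.client_status[f"A-{i}"] = {"scanned": 100 + i, "infected": i % 2}
    for i in range(4):
        local_b.client_status[f"B-{i}"] = {"scanned": 50, "infected": 0}
    return master, local_a, local_b
```

Calling `build_demo()` and then `master.synchronize()` returns `{'A': [], 'B': ['fw-linux']}`: local server A already holds the only Windows policy and receives nothing, while B receives the Linux policy, which is the selective replication of block 207. `master.system_status()` before any synchronization reports only zeros, because the global data store 127 is empty until a sync or a current-status request (block 215) fills it. `bytes_uploaded` makes the summary's traffic argument concrete: the ten per-client records would cost 306 bytes of JSON sent to the master, against 120 bytes for the two consolidated records. Note that the model, like the specification, leaves transport protection to the secure transmission protocols mentioned above and does not check who is allowed to create a policy; since block 233 lets any local server push a policy that the master then replicates to every other site, a deployment would want that path authenticated and authorized, not just encrypted.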

The methods performed by a master policy server and local policy server have 
been shown by reference to flowcharts in Figures 2A and 2B, respectively, including all 
the acts from 201 until 217 and from 231 until 245. It will be appreciated that 
fewer processes may be incorporated into the methods illustrated in Figures 2A-B 
without departing from the scope of the invention, and that no particular order is implied 
by the arrangement of blocks shown and described herein. 

The following description of Figures 3A-B is intended to provide an overview of 
computer hardware and other operating components suitable for performing the methods 
of the invention described above, but is not intended to limit the applicable 
environments. One of skill in the art will immediately appreciate that the invention can 
be practiced with other computer system configurations, including hand-held devices, 
multiprocessor systems, microprocessor-based or programmable consumer electronics, 
network PCs, minicomputers, mainframe computers, and the like. The invention can 
also be practiced in distributed computing environments where tasks are performed by 
remote processing devices that are linked through a communications network. 

Figure 3A shows several computer systems that are coupled together through a 
network 3, such as the Internet. The term "Internet" as used herein refers to a network of 
networks which uses certain protocols, such as the TCP/IP protocol, and possibly other 
protocols such as the hypertext transfer protocol (HTTP) for hypertext markup language 
(HTML) documents that make up the World Wide Web (web). The physical connections 
of the Internet and the protocols and communication procedures of the Internet are well 
known to those of skill in the art. Access to the Internet 3 is typically provided by 
Internet service providers (ISP), such as the ISPs 5 and 7. Users on client systems, such 
as client computer systems 21, 25, 35, and 37 obtain access to the Internet through the 
Internet service providers, such as ISPs 5 and 7. Access to the Internet allows users of 
the client computer systems to exchange information, receive and send e-mails, and view 
documents, such as documents which have been prepared in the HTML format. These 
documents are often provided by web servers, such as web server 9 which is considered 
to be "on" the Internet. Often these web servers are provided by the ISPs, such as ISP 5, 
although a computer system can be set up and connected to the Internet without that 
system being also an ISP as is well known in the art. 

The web server 9 is typically at least one computer system which operates as a 
server computer system and is configured to operate with the protocols of the World 
Wide Web and is coupled to the Internet. Optionally, the web server 9 can be part of an 
ISP which provides access to the Internet for client systems. The web server 9 is shown 
coupled to the server computer system 11 which itself is coupled to web content 10, 
which can be considered a form of a media database. It will be appreciated that while 
two computer systems 9 and 11 are shown in Figure 3A, the web server system 9 and the 
server computer system 11 can be one computer system having different software 
components providing the web server functionality and the server functionality provided 
by the server computer system 11 which will be described further below. 

Client computer systems 21, 25, 35, and 37 can each, with the appropriate web 
browsing software, view HTML pages provided by the web server 9. The ISP 5 provides 
Internet connectivity to the client computer system 21 through the modem interface 23 
which can be considered part of the client computer system 21. The client computer 
system can be a personal computer system, a network computer, a Web TV system, or 
other such computer system. Similarly, the ISP 7 provides Internet connectivity for client 
systems 25, 35, and 37, although as shown in Figure 3A, the connections are not the 
same for these three computer systems. Client computer system 25 is coupled through a 
modem interface 27 while client computer systems 35 and 37 are part of a LAN. While 
Figure 3A shows the interfaces 23 and 27 as generically as a "modem," it will be 
appreciated that each of these interfaces can be an analog modem, ISDN modem, cable 
modem, satellite transmission interface (e.g. "Direct PC"), or other interfaces for 
coupling a computer system to other computer systems. Client computer systems 35 and 
37 are coupled to a LAN 33 through network interfaces 39 and 41, which can be Ethernet 
network or other network interfaces. The LAN 33 is also coupled to a gateway computer 
system 31 which can provide firewall and other Internet related services for the local area 
network. This gateway computer system 31 is coupled to the ISP 7 to provide Internet 
connectivity to the client computer systems 35 and 37. The gateway computer system 31 
can be a conventional server computer system. Also, the web server system 9 can be a 
conventional server computer system. 

Alternatively, as is well known, a server computer system 43 can be directly 
coupled to the LAN 33 through a network interface 45 to provide files 47 and other 
services to the clients 35, 37, without the need to connect to the Internet through the 
gateway system 31. 
Figure 3B shows one example of a conventional computer system that can be 
used as a client computer system or a server computer system or as a web server system. 
It will also be appreciated that such a computer system can be used to perform many of 
the functions of an Internet service provider, such as ISP 5. The computer system 51 
interfaces to external systems through the modem or network interface 53. It will be 
appreciated that the modem or network interface 53 can be considered to be part of the 
computer system 51. This interface 53 can be an analog modem, ISDN modem, cable 
modem, token ring interface, satellite transmission interface (e.g. "Direct PC"), or other 
interfaces for coupling a computer system to other computer systems. The computer 
system 51 includes a processing unit 55, which can be a conventional microprocessor 
such as an Intel Pentium microprocessor or Motorola Power PC microprocessor. 
Memory 59 is coupled to the processor 55 by a bus 57. Memory 59 can be dynamic 
random access memory (DRAM) and can also include static RAM (SRAM). The bus 57 
couples the processor 55 to the memory 59 and also to non-volatile storage 65 and to 
display controller 61 and to the input/output (I/O) controller 67. The display controller 
61 controls in the conventional manner a display on a display device 63 which can be a 
cathode ray tube (CRT) or liquid crystal display. The input/output devices 69 can 
include a keyboard, disk drives, printers, a scanner, and other input and output devices, 
including a mouse or other pointing device. The display controller 61 and the I/O 
controller 67 can be implemented with conventional well known technology. A digital 
image input device 71 can be a digital camera which is coupled to the I/O controller 67 in 
order to allow images from the digital camera to be input into the computer system 51. 
The non-volatile storage 65 is often a magnetic hard disk, an optical disk, or another 
form of storage for large amounts of data. Some of this data is often written, by a direct 
memory access process, into memory 59 during execution of software in the computer 
system 51. One of skill in the art will immediately recognize that the term "computer- 
readable medium" includes any type of storage device that is accessible by the processor 
55 and also encompasses a carrier wave that encodes a data signal. 

It will be appreciated that the computer system 51 is one example of many 
possible computer systems which have different architectures. For example, personal 
computers based on an Intel microprocessor often have multiple buses, one of which can 
be an input/output (I/O) bus for the peripherals and one that directly connects the 
processor 55 and the memory 59 (often referred to as a memory bus). The buses are 
connected together through bridge components that perform any necessary translation 
due to differing bus protocols. 

Network computers are another type of computer system that can be used with the 
present invention. Network computers do not usually include a hard disk or other mass 
storage, and the executable programs are loaded from a network connection into the 
memory 59 for execution by the processor 55. A Web TV system, which is known in the 
art, is also considered to be a computer system according to the present invention, but it 
may lack some of the features shown in Figure 3B, such as certain input or output 
devices. A typical computer system will usually include at least a processor, memory, 
and a bus coupling the memory to the processor. 

It will also be appreciated that the computer system 51 is controlled by operating 
system software which includes a file management system, such as a disk operating 
system, which is part of the operating system software. One example of an operating 
system software with its associated file management system software is the family of 
operating systems known as Windows® from Microsoft Corporation of Redmond, 
Washington, and their associated file management systems. The file management system 
is typically stored in the non-volatile storage 65 and causes the processor 55 to execute 
the various acts required by the operating system to input and output data and to store 
data in memory, including storing files on the non-volatile storage 65. 

A security policy distribution system that is managed by a master security policy 
server has been described. Although specific embodiments have been illustrated and 
described herein, it will be appreciated by those of ordinary skill in the art that any 
arrangement which is calculated to achieve the same purpose may be substituted for the 
specific embodiments shown. This application is intended to cover any adaptations or 
variations of the present invention. 

The terminology used in this application with respect to network communications 
is meant to include all communication media and environments, including local and wide 
area networks, public and private communications environments, and wired and wireless 
communications media. Therefore, it is manifestly intended that this invention be 
limited only by the following claims and equivalents thereof. 

WO 03/029940 PCT/US02/26092 

CLAIMS 

What is claimed is: 

1. A computerized method of distributing security policies comprising: 
maintaining a security policy at a master policy server; and 
periodically synchronizing the master policy server and a local policy server to 
replicate the security policy at the local policy server. 

2. The computerized method of claim 1, wherein the synchronizing further comprises 
obtaining security statistics from the local policy server by the master policy server. 

3. The computerized method of claim 2 further comprising: 
deriving a global status from the statistics. 

4. The computerized method of claim 1, further comprising: 
obtaining security statistics by the master policy server upon request to the local 
policy server. 

5. The computerized method of claim 1 further comprising: 
replicating the security policy to the local policy server upon request to the master 
policy server. 

6. The computerized method of claim 1 further comprising: 
creating the security policy at the local policy server; and 
transferring the security policy to the master policy server. 

7. The computerized method of claim 1 further comprising: 
creating the security policy at the master policy server. 
8. The computerized method of claim 1, wherein the synchronizing is performed 
securely across a communications medium coupling the master policy server and the local 
policy server. 

9. The computerized method of claim 1, further comprising: 
managing security for a plurality of client platforms by the local policy server, the 
security policy comprising security parameters particular to each client platform. 

10. The computerized method of claim 9, further comprising: 
deriving the security policy parameters particular to each client platform from 
global security parameters, the security policy at the master policy comprising the global 
security parameters. 

11. A computer-readable medium having executable instructions to cause a computer 
to perform a method comprising: 
maintaining a security policy at a master policy server; and 
periodically synchronizing the master policy server and a local policy server to 
replicate the security policy at the local policy server. 

12. The computer-readable medium of claim 11, wherein the synchronizing further 
comprises obtaining security statistics from the local policy server by the master policy 
server. 

13. The computer-readable medium of claim 12, wherein the method further 
comprises: 
deriving a global status from the statistics. 

14. The computer-readable medium of claim 11, wherein the method further 
comprises: 
obtaining security statistics by the master policy server upon request to the local 
policy server. 
15. The computer-readable medium of claim 11, wherein the method further 
comprises: 
replicating the security policy to the local policy server upon request to the master 
policy server. 

16. The computer-readable medium of claim 11, wherein the method further 
comprises: 
creating the security policy at the local policy server; and 
transferring the security policy to the master policy server. 

17. The computer-readable medium of claim 11, wherein the method further 
comprises: 
creating the security policy at the master policy server. 

18. The computer-readable medium of claim 11, wherein the synchronizing is 
performed securely across a communications medium coupling the master policy server 
and the local policy server. 

19. The computer-readable medium of claim 11, wherein the method further 
comprises: 
managing security for a plurality of client platforms by the local policy server, the 
security policy comprising security parameters particular to each client platform. 

20. The computer-readable medium of claim 19, wherein the method further 
comprises: 
deriving the security policy parameters particular to each client platform from 
global security parameters, the security policy at the master policy comprising the global 
security parameters. 

21. A computer system comprising: 
a processor coupled to a memory through a bus; 
a network interface coupled to the processor through the bus; and 
a master server process executed from the memory by the processor to cause the 
processor to maintain a security policy and to periodically synchronize with a local policy 
server through the network interface to replicate the security policy at the local policy 
server. 

22. The computer system of claim 21, wherein the master server process further causes 
the processor to obtain security statistics from the local policy server through the network 
interface during synchronization. 

23. The computer system of claim 22, wherein the master server process further causes 
the processor to derive a global status from the statistics. 

24. The computer system of claim 21, wherein the master server process further causes 
the processor to request security statistics from the local policy server through the network 
interface. 

25. The computer system of claim 21, wherein the master server process further causes 
the processor to receive a request from the local policy server and to replicate the security 
policy to the local policy server in response. 

26. The computer system of claim 21, wherein the master server process further causes 
the processor to create the security policy. 

27. The computer system of claim 21, wherein the master server process further causes 
the processor to couple the network interface to a secure communications medium for 
synchronization. 

28. A computer system comprising: 

a processor coupled to a memory through a bus; 

a network interface coupled to the processor through the bus; and 
a local server process executed from the memory by the processor to cause the 
processor to periodically synchronize with a master policy server through the network 
interface to receive a security policy from a master policy server. 

29. The computer system of claim 28, wherein the local server process further causes 
the processor to transfer security statistics to the master policy server through the network 
interface during synchronization. 

30. The computer system of claim 28, wherein the local server process further causes 
the processor to receive a request for security statistics from the master policy server and 
to transfer the security statistics to the master policy server through the network interface 
in response. 

31. The computer system of claim 28, wherein the local server process further causes 
the processor to request a security policy from the master policy server through the 
network interface and to receive the security policy in response. 

32. The computer system of claim 28, wherein the local server process further causes 
the processor to create the security policy and to transfer the security policy to the master 
policy server through the network interface. 

33. The computer system of claim 28, wherein the local server process further causes 
the processor to manage security for a plurality of client platforms, the security policy 
comprising security parameters particular to each client platform. 

34. The computer system of claim 33, wherein the local server process further causes 
the processor to derive the security policy parameters particular to each client platform 
from global security parameters, the security policy at the master policy server comprising 
the global security parameters. 

35. An apparatus comprising: 

network means for interfacing to a network; and 
master policy means for maintaining a security policy and for periodically 
synchronizing with a local policy means through the network interface to replicate the 
security policy at the local policy means. 

36. The apparatus of claim 35, wherein the master policy means is further operable for 
obtaining security statistics from the local policy means through the network means during 
synchronization. 

37. The apparatus of claim 36, wherein the master policy means is further operable for 
deriving a global status from the statistics. 

38. The apparatus of claim 35, wherein the master policy means is further operable for 
requesting security statistics from the local policy means through the network means. 

39. The apparatus of claim 35, wherein the master policy means is further operable for 
receiving a request from the local policy means through the network means and for 
replicating the security policy to the local policy means through the network means in 
response. 

40. The apparatus of claim 35, wherein the master policy means is further operable for 
creating the security policy. 

41. The apparatus of claim 35, wherein the network means is further operable for 
coupling to a secure communications medium for synchronization between the master 
policy means and the local policy means. 

42. An apparatus comprising: 

network means for interfacing to a network; and 
local policy means for periodically synchronizing to a master policy means through 
the network means to receive a security policy from the master policy means. 

43. The apparatus of claim 42, wherein the local policy means is further operable for 
transferring security statistics to the master policy means through the network means 
during synchronization. 

44. The apparatus of claim 42, wherein the local policy means is further operable for 
receiving a request for security statistics from the master policy means through the 
network means and for transferring the security statistics to the master policy means 
through the network means in response. 

45. The apparatus of claim 42, wherein the local policy means is further operable for 
requesting a security policy from the master policy means through the network means and 
for receiving the security policy from the master policy means through the network means 
in response. 

46. The apparatus of claim 42, wherein the local policy means is further operable for 
creating the security policy and for transferring the security policy to the master policy 
means through the network means. 

47. The computer system of claim 42, wherein the local security means is further 
operable for managing security for a plurality of client platforms, the security policy 
comprising security parameters particular to each client platfonn. 

48. The computer system of claim 47, wherein the local security means is further 
operable for deriving the security policy parameters particular to each client platform from 
global security parameters, the security policy at the master policy means comprising the 
global security parameters. 
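The master/local synchronization that claims 1-10 describe (periodic replication of the policy, statistics returned to the master, a global status derived from them, and per-platform parameters derived from global parameters), as an added illustration that is not code from the application: the HMAC-protected message format, the version numbering, the policy field names and the sample platform overrides are all constructed for this example.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field

SHARED_KEY = b"constructed-demo-key"  # constructed: key shared by master and local servers

def sign(msg: dict) -> str:
    # HMAC over the canonical JSON form of a sync message (secure medium, claim 8)
    body = json.dumps(msg, sort_keys=True).encode()
    return hmac.new(SHARED_KEY, body, hashlib.sha256).hexdigest()

@dataclass
class MasterPolicyServer:
    # Maintains the global security policy and collects local statistics (claims 1-3)
    policy: dict
    version: int = 1
    stats: dict = field(default_factory=dict)

    def export_policy(self) -> dict:
        msg = {"version": self.version, "global": dict(self.policy)}
        return {"msg": msg, "mac": sign(msg)}

    def global_status(self) -> dict:
        # Derive a global status from the statistics each local server reported
        blocked = sum(s["blocked"] for s in self.stats.values())
        return {"local_servers": len(self.stats), "blocked_total": blocked}

@dataclass
class LocalPolicyServer:
    # Replicates the policy and derives per-platform parameters (claims 9, 10)
    name: str
    platforms: dict  # platform -> parameter overrides (constructed sample data)
    policy: dict = field(default_factory=dict)
    version: int = 0
    blocked: int = 0

    def apply(self, envelope: dict) -> bool:
        # Accept a replicated policy only if its MAC verifies and it is newer than ours
        msg = envelope["msg"]
        if not hmac.compare_digest(sign(msg), envelope["mac"]) or msg["version"] <= self.version:
            return False
        self.policy, self.version = msg["global"], msg["version"]
        return True

    def platform_policy(self, platform: str) -> dict:
        # Global parameters are the base; each client platform overrides its own
        return {**self.policy, **self.platforms.get(platform, {})}

def synchronize(master: MasterPolicyServer, local: LocalPolicyServer) -> bool:
    # One periodic sync: push the policy to the local server, pull its statistics back
    updated = local.apply(master.export_policy())
    master.stats[local.name] = {"version": local.version, "blocked": local.blocked}
    return updated
```

A tampered or replayed envelope is rejected by the MAC and version checks, so the local server only ever moves forward to a policy the master actually issued.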